strongSwan VPN Client
4.1star
3.49K izibuyekezo
1M+
Okudawunilodiwe
Wonke umuntu
info
Mayelana nalolu hlelo lokusebenza
Imbobo esemthethweni ye-Android yesixazululo esidumile se-Swan VPN.
# IZICI KANYE NEMIKHAWULO #
* Isebenzisa i-VpnService API efakwe yi-Android 4+. Amadivayisi abanye abakhiqizi abonakala entula ukusekelwa kwalokhu - iKlayenti ye-Swan VPN eqinile ngeke isebenze kulawa madivayisi!
* Isebenzisa i-IKEv2 key exchange protocol
* Isebenzisa i-IPsec yethrafikhi yedatha
* Ukusekelwa okugcwele kokuxhumeka okushintshile nokuhamba nge-MOBIKE (noma ukuqinisekiswa kabusha)
* Isekela ukuqinisekiswa kwegama lomsebenzisi/iphasiwedi ye-EAP (okungukuthi i-EAP-MSCHAPv2, i-EAP-MD5 ne-EAP-GTC) kanye nokhiye oyimfihlo we-RSA/ECDSA/ukuqinisekiswa kwesitifiketi sokuqinisekisa abasebenzisi, i-EAP-TLS enezitifiketi zeklayenti nayo iyasekelwa.
* Ukuqinisekisa okuhlanganisiwe kwe-RSA/ECDSA kanye ne-EAP kusekelwa ngokusebenzisa imizuliswano emibili yokuqinisekisa njengoba kuchazwe ku-RFC 4739
* Izitifiketi zeseva ye-VPN ziqinisekiswa ngokumelene nezitifiketi ze-CA ezifakwe ngaphambili noma ezifakwe umsebenzisi ohlelweni. I-CA noma izitifiketi zeseva ezisetshenziselwa ukugunyaza iseva nazo zingangeniswa ngokuqondile kuhlelo lokusebenza.
* Ukuhlukaniswa kwe-IKEv2 kusekelwa uma iseva ye-VPN iyisekela (i-strongSwan yenza njalo kusukela ngo-5.2.1)
* Ukwehlukanisa-umhubhe kuvumela ukuthumela ithrafikhi ethile kuphela nge-VPN kanye/noma ngaphandle kwethrafikhi ethile evela kuyo
* I-VPN yohlelo ngalunye ivumela ukukhawulela uxhumano lwe-VPN ezinhlelweni ezithile, noma ingazifaki ekuyisebenziseni
* Ukuqaliswa kwe-IPsec okwamanje kusekela i-AES-CBC, AES-GCM, ChaCha20/Poly1305 kanye ne-SHA1/SHA2 algorithms
* Amagama ayimfihlo okwamanje agcinwe njengombhalo ocacile kusizindalwazi (kuphela uma egcinwe nephrofayili)
* Amaphrofayili e-VPN angangeniswa evela kumafayela
* Isekela ukucushwa okuphethwe nge-Enterprise Mobility Management (EMM)
Imininingwane ne-changelog ingatholakala kumadokhumenti ethu: https://docs.strongswan.org/docs/latest/os/androidVpnClient.html
# IZIMVUME #
* READ_EXTERNAL_STORAGE: Ivumela ukungenisa amaphrofayela e-VPN nezitifiketi ze-CA kusitoreji sangaphandle kwezinye izinguqulo ze-Android
* QUERY_ALL_PACKAGES: Iyadingeka ku-Android 11+ ukuze ukhethe izinhlelo zokusebenza ozozikhipha/ uzifake kumaphrofayela e-VPN kanye necala lokusebenzisa le-EAP-TNC
# ISIBONELO SOKULUNGISWA KWEseva #
Ukulungiselelwa kweseva okuyisibonelo kungase kutholakale kumadokhumenti ethu: https://docs.strongswan.org/docs/latest/os/androidVpnClient.html#_server_configuration
Sicela uqaphele ukuthi igama lomsingathi (noma ikheli le-IP) elilungiselelwe ngephrofayela ye-VPN kuhlelo lokusebenza *kumele* liqukethwe kusitifiketi seseva njengesandiso se-subjectAltName.
# IMPENDULO #
Sicela uthumele imibiko yesiphazamisi kanye nezicelo zesici nge-GitHub: https://github.com/strongswan/strongswan/issues/new/choose
Uma wenza kanjalo, sicela ufake phakathi ulwazi mayelana nedivayisi yakho (umkhiqizi, imodeli, inguqulo ye-OS njll.).
Ifayela lokungena elibhalwe isevisi yokushintshanisa ukhiye lingathunyelwa ngokuqondile ngaphakathi kwesicelo.
# IZICI KANYE NEMIKHAWULO #
* Isebenzisa i-VpnService API efakwe yi-Android 4+. Amadivayisi abanye abakhiqizi abonakala entula ukusekelwa kwalokhu - iKlayenti ye-Swan VPN eqinile ngeke isebenze kulawa madivayisi!
* Isebenzisa i-IKEv2 key exchange protocol
* Isebenzisa i-IPsec yethrafikhi yedatha
* Ukusekelwa okugcwele kokuxhumeka okushintshile nokuhamba nge-MOBIKE (noma ukuqinisekiswa kabusha)
* Isekela ukuqinisekiswa kwegama lomsebenzisi/iphasiwedi ye-EAP (okungukuthi i-EAP-MSCHAPv2, i-EAP-MD5 ne-EAP-GTC) kanye nokhiye oyimfihlo we-RSA/ECDSA/ukuqinisekiswa kwesitifiketi sokuqinisekisa abasebenzisi, i-EAP-TLS enezitifiketi zeklayenti nayo iyasekelwa.
* Ukuqinisekisa okuhlanganisiwe kwe-RSA/ECDSA kanye ne-EAP kusekelwa ngokusebenzisa imizuliswano emibili yokuqinisekisa njengoba kuchazwe ku-RFC 4739
* Izitifiketi zeseva ye-VPN ziqinisekiswa ngokumelene nezitifiketi ze-CA ezifakwe ngaphambili noma ezifakwe umsebenzisi ohlelweni. I-CA noma izitifiketi zeseva ezisetshenziselwa ukugunyaza iseva nazo zingangeniswa ngokuqondile kuhlelo lokusebenza.
* Ukuhlukaniswa kwe-IKEv2 kusekelwa uma iseva ye-VPN iyisekela (i-strongSwan yenza njalo kusukela ngo-5.2.1)
* Ukwehlukanisa-umhubhe kuvumela ukuthumela ithrafikhi ethile kuphela nge-VPN kanye/noma ngaphandle kwethrafikhi ethile evela kuyo
* I-VPN yohlelo ngalunye ivumela ukukhawulela uxhumano lwe-VPN ezinhlelweni ezithile, noma ingazifaki ekuyisebenziseni
* Ukuqaliswa kwe-IPsec okwamanje kusekela i-AES-CBC, AES-GCM, ChaCha20/Poly1305 kanye ne-SHA1/SHA2 algorithms
* Amagama ayimfihlo okwamanje agcinwe njengombhalo ocacile kusizindalwazi (kuphela uma egcinwe nephrofayili)
* Amaphrofayili e-VPN angangeniswa evela kumafayela
* Isekela ukucushwa okuphethwe nge-Enterprise Mobility Management (EMM)
Imininingwane ne-changelog ingatholakala kumadokhumenti ethu: https://docs.strongswan.org/docs/latest/os/androidVpnClient.html
# IZIMVUME #
* READ_EXTERNAL_STORAGE: Ivumela ukungenisa amaphrofayela e-VPN nezitifiketi ze-CA kusitoreji sangaphandle kwezinye izinguqulo ze-Android
* QUERY_ALL_PACKAGES: Iyadingeka ku-Android 11+ ukuze ukhethe izinhlelo zokusebenza ozozikhipha/ uzifake kumaphrofayela e-VPN kanye necala lokusebenzisa le-EAP-TNC
# ISIBONELO SOKULUNGISWA KWEseva #
Ukulungiselelwa kweseva okuyisibonelo kungase kutholakale kumadokhumenti ethu: https://docs.strongswan.org/docs/latest/os/androidVpnClient.html#_server_configuration
Sicela uqaphele ukuthi igama lomsingathi (noma ikheli le-IP) elilungiselelwe ngephrofayela ye-VPN kuhlelo lokusebenza *kumele* liqukethwe kusitifiketi seseva njengesandiso se-subjectAltName.
# IMPENDULO #
Sicela uthumele imibiko yesiphazamisi kanye nezicelo zesici nge-GitHub: https://github.com/strongswan/strongswan/issues/new/choose
Uma wenza kanjalo, sicela ufake phakathi ulwazi mayelana nedivayisi yakho (umkhiqizi, imodeli, inguqulo ye-OS njll.).
Ifayela lokungena elibhalwe isevisi yokushintshanisa ukhiye lingathunyelwa ngokuqondile ngaphakathi kwesicelo.
Kubuyekezwe ngo-
Ukuphepha kuqala ngokuqonda ukuthi onjiniyela baqoqa futhi babelane kanjani ngedatha yakho. Ubumfihlo bedatha nezinqubo zokuphepha zingahluka kuye ngokusebenzisa kwakho, isifunda, nobudala. Unjiniyela unikeze lolu lwazi futhi angalubuyekeza ngokuhamba kwesikhathi.
Ayikho idatha eyabiwe nezinkampani zangaphandle
Funda kabanzi mayelana nendlela onjiniyela abaveza ngayo ukwabelana
Ayikho idatha eqoqiwe
Funda kabanzi mayelana nokuthi onjiniyela bakuveza kanjani ukuqoqwa
Izilinganiso nezibuyekezo
4.1
3.32K izibuyekezo
Yini entsha
# 2.6.0 #
- Allow pre-selecting a user certificate via alias in managed profiles
- Allow selecting a user certificate for managed profiles that don't install their own certificate
- Fix reading split-tunneling settings in managed profiles
- Adapt to edge-to-edge display, which becomes mandatory when targeting Android 16
- Increase target SDK to Android 16
# 2.5.6 #
- Add support for custom HTTP proxy server (Android 10+)
- Allow pre-selecting a user certificate via alias in managed profiles
- Allow selecting a user certificate for managed profiles that don't install their own certificate
- Fix reading split-tunneling settings in managed profiles
- Adapt to edge-to-edge display, which becomes mandatory when targeting Android 16
- Increase target SDK to Android 16
# 2.5.6 #
- Add support for custom HTTP proxy server (Android 10+)
Ukusekelwa kwe-app
Mayelana nonjiniyela
codelabs GmbH
android@strongswan.org
Vadianstrasse 41
9000 St. Gallen
Switzerland
+41 78 480 65 06
